Custom Authentication without Server

  • Thread starter Thread starter Rudi Hausmann
  • Start date Start date
R

Rudi Hausmann

Hi,

I want to implement my own "primitive" Authentication.
I use following code in web.config:

<authentication mode="Forms">
<forms name="FwLoginCookie"
loginUrl="Login.aspx"
protection="All"
timeout="30"
path="/"
requireSSL="false">
<credentials passwordFormat="Clear">
<user name="private" password="private" />
<user name="test" password="test" />
</credentials>
</forms>
</authentication>
<authorization>
<deny users="?" />
</authorization>

I created a Login.aspx page. When I try to login with test (test) I get
an sql server error:

An error has occurred while establishing a connection to the server.
When connecting to SQL Server 2005, this failure may be caused by the
fact that under the default settings SQL Server does not allow remote
connections. (provider: SQL Network Interfaces, error: 26 - Error
Locating Server/Instance Specified)

How do I create a page so I can log in with the credentials provided
within web.config?

Can I use the Login control and provide my own login (e.g. implemented
in my own library)?

Regards,

Rudi
 
I created a Login.aspx page. When I try to login with test (test) I get
an sql server error:

An error has occurred while establishing a connection to the server.
When connecting to SQL Server 2005, this failure may be caused by the
fact that under the default settings SQL Server does not allow remote
connections. (provider: SQL Network Interfaces, error: 26 - Error
Locating Server/Instance Specified)
Click to expand...

Are you sure that this error occured on the login.aspx?
login.aspx redirects back to the original page
 
Alexey said:
Are you sure that this error occured on the login.aspx?
login.aspx redirects back to the original page
Click to expand...

Yes, I am. When I press the Log In button I get the error above. I just
want the credentials to be read from web.config and not from a database
which I didn't set up and which I also don't want to set up.
 
Yes, I am. When I press the Log In button I get the error above. I just
want the credentials to be read from web.config and not from a database
which I didn't set up and which I also don't want to set up.
Click to expand...

Okay. Let's test it. Take my login.aspx and try to login with any of
your name

<%@ Page Language="VB" %>
<%@ Import Namespace="System.IO" %>
<%@ Import Namespace="System.Web.Security " %>
<HTML>
<HEAD>
<title>Test</title>
</HEAD>
<body>
<form id="Form1" runat="server">

Name:<br />
<input id="UserName" type="text" runat="server"><br />

Password:<br />
<input id="Password1" type="password" runat="server"><br />

<input type="submit" OnServerClick="SubmitBtn_Click" runat="server"
ID="Submit1" NAME="Submit1" value="Try login!">

<asp:Label id="lblMsg" runat="server" />
</form>
<script language="vb" runat="server">

Sub SubmitBtn_Click(ByVal Source as Object, ByVal E as EventArgs)
If FormsAuthentication.Authenticate(Username.Value, UserPass.Value)
Then
FormsAuthentication.RedirectFromLoginPage (UserName.Value, false)
else
lblMsg.text="Credentials not valid!"
End If
End Sub

</script>
</body>
</HTML>
 
Okay. Let's test it. Take my login.aspx and try to login with any of
your name

<%@ Page Language="VB" %>
<%@ Import Namespace="System.IO" %>
<%@ Import Namespace="System.Web.Security " %>
<HTML>
<HEAD>
<title>Test</title>
</HEAD>
<body>
<form id="Form1" runat="server">

Name:<br />
<input id="UserName" type="text" runat="server"><br />

Password:<br />
<input id="Password1" type="password" runat="server"><br />

<input type="submit" OnServerClick="SubmitBtn_Click" runat="server"
ID="Submit1" NAME="Submit1" value="Try login!">

<asp:Label id="lblMsg" runat="server" />
</form>
<script language="vb" runat="server">

Sub SubmitBtn_Click(ByVal Source as Object, ByVal E as EventArgs)
If FormsAuthentication.Authenticate(Username.Value, UserPass.Value)
Then
FormsAuthentication.RedirectFromLoginPage (UserName.Value, false)
else
lblMsg.text="Credentials not valid!"
End If
End Sub

</script>
</body>
</HTML>
Click to expand...

Wait, add another Test.aspx form with the following code (just one
line of code):

----------
My User Name is: <%=User.Identity.Name%>
----------

Then

1) call this page http://localhost/Test.aspx
2) it will forward you http://localhost/Login.aspx
3) type username / password
4) if username / password were correct you will be redirected back to
http://localhost/Test.aspx
5) you should see your username
 
Hi Alexey,

Thanks a lot for answer and your effort!
I adapted the code until it run fine on my machine. (The code is below.)
Having your keywords in your code it`s much easier to come further.

I guess when exchange "FormsAuthentication.Authenticate" with
"MyOwnLogInTest(user,pass)" I can have my own authentication.

Moreover I assume that I can't use the asp.net login controls.

Regards,

Rudi



-------------------------------------
<%@ Page Language="VB" %>

<%@ Import Namespace="System.IO" %>
<%@ Import Namespace="System.Web.Security " %>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Test</title>
</head>
<body>
<form id="Form1" runat="server">
Name:<br />
<input id="UserName" type="text" runat="server" /><br />
Password:<br />
<input id="UserPass" type="password" runat="server" /><br />
<input type="submit" onserverclick="SubmitBtn_Click"
runat="server" id="Submit1"
name="Submit1" value="Try login!" />
<asp:Label ID="lblMsg" runat="server" />
</form>

<script language="vb" runat="server">

Sub SubmitBtn_Click(ByVal Source As Object, ByVal E As EventArgs)
If FormsAuthentication.Authenticate(UserName.Value,
UserPass.Value) Then

FormsAuthentication.RedirectFromLoginPage(UserName.Value, False)
Else
lblMsg.Text = "Credentials not valid!"
End If
End Sub

</script>

</body>
</html>
 
Back
Top